ASD revealed hacker stole 30GB of sensitive data on Australia’s military capabilities

Australia’s foreign intelligence agency, the ASD, has revealed that sensitive military information was stolen by hackers who breached a Department of Defence contractor.

Australia’s foreign intelligence agency, the Australian Signals Directorate (ASD), admitted that a hacker has stolen over 30 GB of military documents. The stolen data includes details on fighter jets, military aircraft, and naval ships.

The hacker stole the huge trove of confidential data on military capabilities from an unnamed Department of Defence contractor. ASD spokesperson Mitchell Clarke, who revealed the incident, confirmed that no “top secret” data was compromised, but the breach included sensitive information that is not publicly accessible.

The intelligence agency dubbed the hacker “Alf,” after a character in the “Home and Away” Australian TV soap opera.

The stolen files include confidential information, diagrams, and plans, as well as details about the country’s arsenal, such as the new F-35 Joint Strike Fighter jet, the Boeing P-8 Poseidon submarine-hunting airplane, Lockheed Martin C-130 transport aircraft, JDAM guided bombs, and data on “some naval ships.”

“That ITAR data included information on the [F-35] Joint Strike Fighters, the C-130, the P-8 Poseidon, the JDAM – that’s a smart bomb – and a few Australian naval vessels,” Mr Clarke said.

According to The Sydney Morning Herald, some of the stolen data was linked to the International Traffic in Arms Regulations, a US regulatory regime.

“A CYBER attack was successfully carried out by hackers who gained access to the computer system of a national security contractor last year,” reported the website news.com.au.

“The Federal Government is set to reveal details about the hack today when Assistant Minister for Cyber Security Dan Tehan launches the Australian Cyber Security Centre’s (ACSC) annual threat report.”

The data breach dates back to July 2016, but the ASD discovered it in November 2016, when a “partner organization” notified the agency.

According to the ASD, the root cause of the incident was the use of weak passwords for authentication on some of the targeted systems used by the defense contractor.

The defense contractor has roughly 50 employees, and only one of them was tasked with securing its network.

ASD experts who conducted the forensic investigation on the breached servers found evidence of the China Chopper web shell, which is likely associated with the intrusion.

At this time, the threat actors’ motivation is still unclear.

“It could have been a state actor, it could have been cyber criminals, and that’s why it was taken so seriously,” Mr Tehan said.

“We’re not 100 per cent sure, and that’s one of the difficulties of this area.”

Pierluigi Paganini

(Security Affairs – ASD, data breach)
